{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-71058", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-05-14T16:03:15.648Z", "dateReserved": "2026-01-09T00:00:00.000Z", "datePublished": "2026-04-07T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-21T19:09:44.488Z"}, "descriptions": [{"lang": "en", "value": "Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inject forged responses and poison the DNS cache, potentially redirecting victims to attacker-controlled destinations."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://sourceforge.net/projects/dhcp-dns-server/"}, {"url": "https://github.com/FPokerFace/Security-Advisory/tree/main/CVE-2025-71058"}, {"url": "https://github.com/FPokerFace/Security-Advisory/blob/main/CVE-2025-71058/poc.c"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-09T14:08:11.699406Z", "id": "CVE-2025-71058", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-14T16:03:15.648Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-71058", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-09T14:08:11.699406Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T14:08:37.319Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://sourceforge.net/projects/dhcp-dns-server/"}, {"url": "https://github.com/FPokerFace/Security-Advisory/tree/main/CVE-2025-71058"}, {"url": "https://github.com/FPokerFace/Security-Advisory/blob/main/CVE-2025-71058/poc.c"}], "descriptions": [{"lang": "en", "value": "Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inject forged responses and poison the DNS cache, potentially redirecting victims to attacker-controlled destinations."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-21T19:09:44.488Z"}}}, "cveMetadata": {"cveId": "CVE-2025-71058", "state": "PUBLISHED", "dateUpdated": "2026-05-14T16:03:15.648Z", "dateReserved": "2026-01-09T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-07T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inject forged responses and poison the DNS cache, potentially redirecting victims to attacker-controlled destinations."}], "id": "CVE-2025-71058", "lastModified": "2026-04-21T20:16:26.490", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-07T19:16:43.220", "references": [{"source": "cve@mitre.org", "url": "https://github.com/FPokerFace/Security-Advisory/blob/main/CVE-2025-71058/poc.c"}, {"source": "cve@mitre.org", "url": "https://github.com/FPokerFace/Security-Advisory/tree/main/CVE-2025-71058"}, {"source": "cve@mitre.org", "url": "https://sourceforge.net/projects/dhcp-dns-server/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "8.01"}}], "enrichment": {"confidence": 91.0, "confidence_source": "matching", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 91.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "dual_dhcp_dns_server", "vendor": "dual_dhcp_dns_server_project"}], "analysis": {"en": {"generated_at": "2026-04-10T11:52:27.393411+00:00", "value": {"mitigation_remediation": ["Apply the latest patch or upgrade Dual\u202fDHCP\u202fDNS\u202fServer to a version that validates upstream DNS responses", "If an upgrade is not possible, configure firewall rules to block unsolicited DNS responses from untrusted sources", "Activate any available strict upstream server validation features", "Monitor DNS query and cache logs for anomalous domain entries and investigate any unexpected resolutions"], "summary": {"action": "Patch Immediately", "impact": "DNS Cache Poisoning"}, "threat_synthesis": {"affected_systems": "The vulnerability is limited to the Dual\u202fDHCP\u202fDNS\u202fServer software version\u202f8.01. No other vendors or product variants are referenced in the available data, so installations of this exact version are impacted.", "description_and_impact": "Dual\u202fDHCP\u202fDNS\u202fServer\u202f8.01 accepts unsolicited UDP DNS responses without verifying that the answer comes from a legitimate upstream server. By matching solely the transaction identifier, the daemon inserts the data into its cache. If an attacker succeeds in delivering a forged reply, the stolen entries can resolve any queried domain name to an attacker\u2011controlled IP address, effectively redirecting network traffic to malicious destinations.", "risk_and_exploitability": "With a CVSS score of 9.1 the flaw is considered high severity. The EPSS score of less than 1\u202f% indicates a low likelihood of exploitation in the wild. It is not listed in the CISA Known Exploited Vulnerabilities catalog. The attack can be carried out from any network host that can reach the server\u2019s DNS listening port, requiring no authentication or elevated privileges. Successful cache poisoning can compromise the confidentiality of traffic by redirecting users to malicious endpoints and can degrade availability by disrupting resolution of legitimate domain names."}}}}, "created": "2026-04-08T19:50:24.900145+00:00", "title": "DNS Cache Poisoning via Unvalidated UDP Responses", "updated": "2026-04-13T14:27:27.031078+00:00", "vendors": ["dual_dhcp_dns_server_project", "dual_dhcp_dns_server_project$PRODUCT$dual_dhcp_dns_server"]}